summaryrefslogtreecommitdiffstats
path: root/NetworkPkg/HttpDxe
diff options
context:
space:
mode:
authorAbner Chang <abner.chang@amd.com>2024-01-04 17:46:07 +0800
committermergify[bot] <37929162+mergify[bot]@users.noreply.github.com>2024-01-10 03:19:31 +0000
commit43ab6622a8b13baa9389efda818186ae96a327de (patch)
tree61f9bf4f0c5d11b424b3ce5a06b03f7d82c63f3f /NetworkPkg/HttpDxe
parent0abd598e3f123ce89a9f543206fd355dfc02fef3 (diff)
downloadedk2-43ab6622a8b13baa9389efda818186ae96a327de.tar.gz
edk2-43ab6622a8b13baa9389efda818186ae96a327de.tar.bz2
edk2-43ab6622a8b13baa9389efda818186ae96a327de.zip
NetworkPkg/HttpDxe: Consider TLS certificate not found as a success case
We still return EFI_SUCCESS to the caller when TlsConfigCertificate returns error, for the use case the platform doesn't require certificate for the specific HTTP session. This ensures HttpInitSession function still initiated and returns EFI_SUCCESS to the caller. The failure is pushed back to TLS DXE driver if the HTTP communication actually requires certificate. Signed-off-by: Abner Chang <abner.chang@amd.com> Cc: Saloni Kasbekar <saloni.kasbekar@intel.com> Cc: Zachary Clark-williams <zachary.clark-williams@intel.com> Cc: Michael Brown <mcb30@ipxe.org> Cc: Nickle Wang <nicklew@nvidia.com> Cc: Igor Kulchytskyy <igork@ami.com> Reviewed-by: Michael Brown <mcb30@ipxe.org> Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
Diffstat (limited to 'NetworkPkg/HttpDxe')
-rw-r--r--NetworkPkg/HttpDxe/HttpsSupport.c17
1 files changed, 15 insertions, 2 deletions
diff --git a/NetworkPkg/HttpDxe/HttpsSupport.c b/NetworkPkg/HttpDxe/HttpsSupport.c
index a07323ff0b..04a830f715 100644
--- a/NetworkPkg/HttpDxe/HttpsSupport.c
+++ b/NetworkPkg/HttpDxe/HttpsSupport.c
@@ -722,8 +722,21 @@ TlsConfigureSession (
//
Status = TlsConfigCertificate (HttpInstance);
if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR, "TLS Certificate Config Error!\n"));
- return Status;
+ if (Status == EFI_NOT_FOUND) {
+ DEBUG((DEBUG_WARN, "TLS Certificate is not found on the system!\n"));
+ //
+ // We still return EFI_SUCCESS to the caller when TlsConfigCertificate
+ // returns error, for the use case the platform doesn't require
+ // certificate for the specific HTTP session. This ensures
+ // HttpInitSession function still initiated and returns EFI_SUCCESS to
+ // the caller. The failure is pushed back to TLS DXE driver if the
+ // HTTP communication actually requires certificate.
+ //
+ Status = EFI_SUCCESS;
+ } else {
+ DEBUG((DEBUG_ERROR, "TLS Certificate Config Error!\n"));
+ return Status;
+ }
}
//